Secuware Security Framework offers interesting functionality

Security Strategies This newsletter is sponsored by FireEye Perspectives Editorial Webcast: What You Don't Know About Crimeware Can Cost You Cybercrime is on the rise AND getting more nefarious. Script kiddies kept us busy with their pesky hacks, but the name of the game today is profit, meaning attacks are targeted and more dangerous. This webcast looks at how the game is changing and what it means for corporate IT shops. Network World's Security Strategies Newsletter, 05/10/07 Secuware Security Framework offers interesting functionality By M. E. Kabay Organizations differ in the amount of control that is necessary and appropriate for information circulating among people who work together. In some organizations, it makes sense to maintain a liberal policy of openness and sharing of corporate data; the philosophy behind such openness is that information exchange can lead to unexpected benefits well beyond the risks of sharing. Entrepreneurial startups with small groups of enthusiastic, creative people collaborating closely on new ways of doing business can be ideal places for a permissive security posture based on the need to conceal rather than the need to know. On the other hand, for organizations with highly sensitive data pertinent to limited subsets of employees, a more restrictive need-to-know posture might make more sense. Controlling access to information within an organization while fostering appropriate information exchange by authorized personnel are conflicting challenges for enterprise security managers. The Security Standard - The Only Executive Summit Focused on the Business, Management and Strategic Aspects of Security September 10-11, 2007 | The Fairmont Hotel Chicago How do your security initiatives support company business goals? The answer to this question can make all the difference in gaining the corporate-wide support and resources you need to drive your security strategies. Uncover best practices and organizational strategies for achieving success by attending The Security Standard Conference. Click here for more details. Click here for more details I recently received a white paper on this subject from Secureware entitled “Closed Circuits for Information: 360-degree Data Protection for the Enterprise” and found it to be unusually well-written and informative. The Secuware Security Framework (SSF) is an add-on for the Windows operating system. According to the white paper, it offers strong identification and authentication coupled with whole-system encryption that can be extended to network devices and removable media. Some of the significant features I noted include the following: * Pre-boot authentication that is resistant to typical bypasses such as booting from alternative media; * Whole-disk encryption with an additional performance overhead of only 0.15%; * Controls over application execution using white lists; * Extensive security-management functions for policy definition and user configuration; * Granularity extending to individual devices such as specific flash drives; * User profiles that can apply to individual users or to groups of users in specific functional areas (e.g., departments or branches); * Easy definition of restricted subsets of information exchange equivalent to subnets on a partitioned network without having to change network topology; * Entirely client-based - no security servers to manage; * Centralized security-policy administration for all systems on a network. The white paper includes a comparative analysis with Microsoft Vista BitLocker, the new whole-disk encryption functions available under Vista Enterprise. I hope that some readers of this column will find the white paper interesting and useful. [Disclaimer: I have no relationship whatever with Secuware.]   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Analysts squash IBM layoff rumors 2. Five cool future IT positions 3. Top 15 controversial Microsoft quotes 4. Top things we love and hate about Apple 5. Thin clients in, PCs out at Verizon Wireless 6. 10 ways to boost your IT org now 7. Cringely should stop shooting his mouth off 8. Users headed to Vista, but concerns increase 9. Wireless LANs turned inside-out 10. Management heavies get poor grades in survey MOST E-MAILED STORY: Homeless man disrupts Internet2 service

Contact the author: M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information Assurance and CTO of the School of Graduate Studies at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site. Two valuable (ISC)2 seminars coming up in May and June: End-to-End-Digital Investigation on May 31 in Denver and INFOSEC Update June 4-5 in Marina del Rey. This newsletter is sponsored by FireEye Perspectives Editorial Webcast: What You Don't Know About Crimeware Can Cost You Cybercrime is on the rise AND getting more nefarious. Script kiddies kept us busy with their pesky hacks, but the name of the game today is profit, meaning attacks are targeted and more dangerous. This webcast looks at how the game is changing and what it means for corporate IT shops. ARCHIVE Archive of the Security Strategies Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007